[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Does the RaQ XTR support suid perl?
- Subject: Re: [cobalt-users] Does the RaQ XTR support suid perl?
- From: Bruce Timberlake <Bruce.Timberlake@xxxxxxx>
- Date: Wed May 29 13:21:55 2002
- Organization: Sun Microsystems, Inc.
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
josh wrote:
>
> It is on when the system come up. The RT FAQ mentioned this as a
> possibility because it is not uncommon to leave the suidperl with the
> bit turned off so that users will at least ask themselves why before
> they turn it on. As far as I can tell the RaQ XTR -- but not earlier
> -- comes with an suidperl that does not work as expected.
> "chmod u+s suidperl" won't make it work.
Did some more digging on the web. Apparently, ext2 is a nosuid
filesystem and that might have something to do with it
(http://lists.debian.org/debian-devel/1999/debian-devel-199902/msg00295.html)
http://www.perldoc.com/perl5.6.1/pod/perlsec.html also says that in Perl
< 5.6.1, suidperl could introduce security holes. But using Perl 5.6.1,
if compiled with "-DSETUID_SCRIPTS_ARE_SECURE_NOW" it will work...
A few other pages I've seen say that you might be able to tinker with
the mount parameters for the various partitions, but now you're
venturing WAY outside what's supported, etc...
Maybe you can see what parts of RT "need" suid and modify them to not
require it or something? :)
--
Bruce Timberlake
Sun Cobalt Technology Engineer
Sun Microsystems, Inc.
E: bruce.timberlake@xxxxxxx
T: 877-718-3569 / x69369